--- /dev/null
+services:
+ freeipa:
+ container_name: freeipa
+ image: freeipa/freeipa-server:almalinux-10
+ restart: always
+ ports:
+ # Web UI / API
+ - "80:80"
+ - "443:443"
+ # LDAP/LDAPS
+ - "389:389"
+ - "636:636"
+ # Kerberos (TCP/UDP)
+ - "88:88/tcp"
+ - "88:88/udp"
+ - "464:464/tcp"
+ - "464:464/udp"
+ # DNS (se --setup-dns)
+ - "53:53/tcp"
+ - "53:53/udp"
+ environment:
+ - TZ=${DOCKER_TZ}
+ privileged: false
+ volumes:
+ - ${DOCKER_CFG_DIR}/freeipa:/data
+ - /sys/fs/cgroup:/sys/fs/cgroup:rw
+ cap_add:
+ - SYS_TIME # se vuoi sincronizzare l'ora dal container
+ networks:
+ - proxy
+ labels:
+ - "traefik.enable=true"
+ # Router: HTTP
+ - "traefik.http.routers.freeipa.entrypoints=http"
+ - "traefik.http.routers.freeipa.rule=Host(`admin.giorgioravera.it`)"
+ - "traefik.http.routers.freeipa.middlewares=portainer-https-redirect"
+ # Router: HTTPS
+ - "traefik.http.routers.freeipa-secure.entrypoints=https"
+ - "traefik.http.routers.freeipa-secure.rule=Host(`admin.giorgioravera.it`)"
+ - "traefik.http.routers.freeipa-secure.tls=true"
+ - "traefik.http.routers.freeipa-secure.service=freeipa"
+ # Middleware: Redirect http to https
+ - "traefik.http.middlewares.freeipa-https-redirect.redirectscheme.scheme=https"
+ # Service: Loadbalancer
+ - "traefik.http.services.freeipa.loadbalancer.server.port=443"
+
+networks:
+ proxy:
+ external: true
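Review bot: The HTTP router label `traefik.http.routers.freeipa.middlewares` points at `portainer-https-redirect`, while the middleware this file defines is `freeipa-https-redirect`, so the redirect depends on another stack's labels and the local definition is unused; the label should read `traefik.http.routers.freeipa.middlewares=freeipa-https-redirect`. The service also publishes `"80:80"` and `"443:443"` on the host while being routed through Traefik on the `proxy` network, which presumably either collides with Traefik's own entrypoints or leaves the web UI reachable around the proxy; dropping those two mappings keeps a single ingress path. With `loadbalancer.server.port=443` Traefik still speaks plain HTTP to the backend unless `traefik.http.services.freeipa.loadbalancer.server.scheme=https` is added, and it will then need to trust the IPA CA for that hop. `SYS_TIME` and the read-write `/sys/fs/cgroup` bind give the identity server's container influence over host-wide state, so remove the capability if time sync is not actually done from this container, and check whether the cgroup mount can be `:ro` on this host.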